Browse Source

查询数据权限优化

master
DX 1 month ago
parent
commit
252c3e3b0f
  1. 2
      yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/enums/ErrorCodeConstants.java
  2. 11
      yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/auth/vo/RoleNameAndSelectTypeVO.java
  3. 4
      yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthService.java
  4. 54
      yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java
  5. 28
      yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/enterprise/EnterpriseServiceImpl.java
  6. 33
      yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/enterpriseinspections/EnterpriseInspectionsServiceImpl.java
  7. 7
      yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/home/HomeServiceImpl.java
  8. 74
      yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/taskinfo/TaskInfoServiceImpl.java
  9. 6
      yudao-server/src/main/resources/application-local.yaml

2
yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/enums/ErrorCodeConstants.java

@ -208,5 +208,7 @@ public interface ErrorCodeConstants {
ErrorCode SIGN_IN_LOG_ERROR6 = new ErrorCode(1-003-005-003, "超过2人才能打开");
ErrorCode ROLE_ERROR = new ErrorCode(1-003-005-004, "请分配角色后再查看");
ErrorCode POLICY_NOT_EXISTS = new ErrorCode(1-003-006-001, "政策法规不存在");
}

11
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/auth/vo/RoleNameAndSelectTypeVO.java

@ -0,0 +1,11 @@
package cn.iocoder.yudao.module.system.controller.admin.auth.vo;
import lombok.Data;
@Data
public class RoleNameAndSelectTypeVO {
//角色名称
private String roleName;
//值
private Long value;
}

4
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthService.java

@ -102,5 +102,9 @@ public interface AdminAuthService {
*/
AuthLoginRespVO webAppLogin(AuthSocialLoginReqVO reqVO);
/*
根据用户id 查询角色信息
*/
RoleNameAndSelectTypeVO roleTypeByUserId();
}

54
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java

@ -32,6 +32,7 @@ import cn.iocoder.yudao.module.system.service.oauth2.OAuth2TokenService;
import cn.iocoder.yudao.module.system.service.social.SocialClientService;
import cn.iocoder.yudao.module.system.service.social.SocialUserService;
import cn.iocoder.yudao.module.system.service.user.AdminUserService;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.google.common.annotations.VisibleForTesting;
import com.xingyuv.captcha.model.common.ResponseModel;
import com.xingyuv.captcha.model.vo.CaptchaVO;
@ -45,10 +46,13 @@ import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import javax.validation.Validator;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
import static cn.iocoder.yudao.framework.common.util.servlet.ServletUtils.getClientIP;
import static cn.iocoder.yudao.framework.web.core.util.WebFrameworkUtils.getLoginUserId;
import static cn.iocoder.yudao.module.system.enums.ErrorCodeConstants.*;
/**
@ -456,8 +460,58 @@ public class AdminAuthServiceImpl implements AdminAuthService {
return null;
}
@Override
public RoleNameAndSelectTypeVO roleTypeByUserId() {
Long loginUserId = getLoginUserId();
AdminUserDO user = userService.getUser(loginUserId);
RoleNameAndSelectTypeVO roleNameAndSelectTypeVO = new RoleNameAndSelectTypeVO();
if (user != null) {
if (user.getPostIds() != null) {
if (user.getPostIds().contains(1L) || user.getPostIds().contains(2L)) {
// 全部权限,不需要设置任何条件
roleNameAndSelectTypeVO.setRoleName("director");
} else if (user.getPostIds().contains(4L)) {
// 本部门权限
roleNameAndSelectTypeVO.setRoleName("queue");
roleNameAndSelectTypeVO.setValue(user.getDeptId());
} else {
// 仅自己权限
roleNameAndSelectTypeVO.setRoleName("self");
roleNameAndSelectTypeVO.setValue(loginUserId);
}
} else {
//如果岗位不存在查询角色
LambdaQueryWrapper<UserRoleDO> wrapper = new LambdaQueryWrapper<>();
wrapper.eq(UserRoleDO::getUserId, loginUserId);
List<UserRoleDO> userRoleDO = userRoleMapper.selectList(wrapper);
if (userRoleDO == null) {
throw exception(ROLE_ERROR);
}
List<Long> collect = userRoleDO.stream().map(item -> item.getRoleId()).collect(Collectors.toList());
if (collect.contains(164l) || collect.contains(1l)) {
// 全部权限,不需要设置任何条件
roleNameAndSelectTypeVO.setRoleName("director");
} else if (collect.contains(163L)) {
// 本部门权限
roleNameAndSelectTypeVO.setRoleName("queue");
roleNameAndSelectTypeVO.setValue(user.getDeptId());
} else {
// 仅自己权限
roleNameAndSelectTypeVO.setRoleName("self");
roleNameAndSelectTypeVO.setValue(loginUserId);
}
}
} else {
throw exception(USER_NOT_EXISTS);
}
return roleNameAndSelectTypeVO;
}
@VisibleForTesting

28
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/enterprise/EnterpriseServiceImpl.java

@ -1,6 +1,7 @@
package cn.iocoder.yudao.module.system.service.enterprise;
import cn.iocoder.yudao.module.infra.api.file.FileApi;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.RoleNameAndSelectTypeVO;
import cn.iocoder.yudao.module.system.controller.admin.user.vo.user.UserSaveReqVO;
import cn.iocoder.yudao.module.system.dal.dataobject.enterpriseauditlog.EnterpriseAuditLogDO;
import cn.iocoder.yudao.module.system.dal.dataobject.enterprisesuser.EnterprisesUserDO;
@ -17,6 +18,7 @@ import cn.iocoder.yudao.module.system.dal.mysql.fileInfo.FileInfoMapper;
import cn.iocoder.yudao.module.system.dal.mysql.permission.RoleMapper;
import cn.iocoder.yudao.module.system.dal.mysql.permission.UserRoleMapper;
import cn.iocoder.yudao.module.system.dal.mysql.user.AdminUserMapper;
import cn.iocoder.yudao.module.system.service.auth.AdminAuthService;
import cn.iocoder.yudao.module.system.service.fileInfo.FileInfoService;
import cn.iocoder.yudao.module.system.service.permission.RoleService;
import cn.iocoder.yudao.module.system.service.user.AdminUserService;
@ -71,6 +73,8 @@ public class EnterpriseServiceImpl implements EnterpriseService {
private AdminUserMapper adminUserMapper;
@Resource
private EnterprisesUserMapper enterprisesUserMapper;
@Resource
private AdminAuthService authService;
//企业图片
public final static Long DEFAULT_DICT_DATA_QY = 1L;
@ -227,23 +231,13 @@ public class EnterpriseServiceImpl implements EnterpriseService {
@Override
public PageResult<EnterpriseDO> getEnterpriseByUserId(EnterprisePageReqVO pageReqVO) {
//根据角色显示不同
/*
管理员局长查全部
检查员查自己的
队长 查本部门
*/
Long loginUserId = getLoginUserId();
final AdminUserDO user1 = adminUserService.getUser(loginUserId);
if (user1.getPostIds().contains(1l) || user1.getPostIds().contains(2l)) {
//全部
} else if (user1.getPostIds().contains(4l)) {
//本部门
pageReqVO.setDepartmentId(user1.getDeptId());
} else if (user1.getPostIds().contains(5l)) {
//自己
pageReqVO.setUserId(loginUserId);
RoleNameAndSelectTypeVO typeVO = authService.roleTypeByUserId();
if ("self".equals(typeVO.getRoleName())) {
pageReqVO.setUserId(typeVO.getValue());
}
if ("queue".equals(typeVO.getRoleName())) {
pageReqVO.setDepartmentId(typeVO.getValue());
}
final PageResult<EnterpriseDO> enterpriseDOPageResult = enterpriseMapper.selectPage(pageReqVO);

33
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/enterpriseinspections/EnterpriseInspectionsServiceImpl.java

@ -1,5 +1,6 @@
package cn.iocoder.yudao.module.system.service.enterpriseinspections;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.RoleNameAndSelectTypeVO;
import cn.iocoder.yudao.module.system.dal.dataobject.dept.DeptDO;
import cn.iocoder.yudao.module.system.dal.dataobject.enterprise.EnterpriseDO;
import cn.iocoder.yudao.module.system.dal.dataobject.inspectionslog.InspectionsLogDO;
@ -20,6 +21,7 @@ import cn.iocoder.yudao.module.system.dal.mysql.taglibrary.TagLibraryMapper;
import cn.iocoder.yudao.module.system.dal.mysql.taskinfo.TaskInfoMapper;
import cn.iocoder.yudao.module.system.dal.mysql.tasktag.TaskTagMapper;
import cn.iocoder.yudao.module.system.dal.mysql.user.AdminUserMapper;
import cn.iocoder.yudao.module.system.service.auth.AdminAuthService;
import cn.iocoder.yudao.module.system.service.dept.DeptService;
import cn.iocoder.yudao.module.system.service.inspectionslog.InspectionsLogService;
import cn.iocoder.yudao.module.system.service.taglibrary.TagLibraryService;
@ -81,6 +83,8 @@ public class EnterpriseInspectionsServiceImpl implements EnterpriseInspectionsSe
private RoleMapper roleMapper;
@Resource
private SignInLogMapper signInLogMapper;
@Resource
private AdminAuthService authService;
@Override
public Long createEnterpriseInspections(EnterpriseInspectionsSaveReqVO createReqVO) {
@ -182,23 +186,18 @@ public class EnterpriseInspectionsServiceImpl implements EnterpriseInspectionsSe
@Override
public PageResult<EnterpriseInspectionsDO> getEnterpriseInspectionsPage(EnterpriseInspectionsPageReqVO pageReqVO) {
//根据角色显示不同
/*
管理员局长查全部
检查员查自己的
队长 查本部门
*/
Long loginUserId = getLoginUserId();
final AdminUserDO user1 = adminUserService.getUser(loginUserId);
if (user1.getPostIds().contains(1l) || user1.getPostIds().contains(2l)) {
//全部
} else if (user1.getPostIds().contains(4l)) {
//本部门
pageReqVO.setDepartmentId(user1.getDeptId());
} else if (user1.getPostIds().contains(5l)) {
//自己
pageReqVO.setUserId(loginUserId);
RoleNameAndSelectTypeVO typeVO = authService.roleTypeByUserId();
if ("self".equals(typeVO.getRoleName())) {
pageReqVO.setUserId(typeVO.getValue());
}
if ("queue".equals(typeVO.getRoleName())) {
pageReqVO.setDepartmentId(typeVO.getValue());
final List<AdminUserDO> adminUserDOS = adminUserMapper.selectList(new QueryWrapper<AdminUserDO>().eq("dept_id", typeVO.getValue()));
if (adminUserDOS != null || adminUserDOS.size() > 0) {
final List<Long> collect = adminUserDOS.stream().map(item -> item.getId()).collect(Collectors.toList());
pageReqVO.setUserIds(collect);
}
}
//按照部门查询

7
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/home/HomeServiceImpl.java

@ -31,13 +31,6 @@ public class HomeServiceImpl implements HomeService{
private TaskInfoService taskInfoService;
@Resource
private TaskInfoMapper taskInfoMapper;
@Resource
private EnterpriseTagMapper enterpriseTagMapper;
@Resource
private AdminUserService adminUserService;
@Resource
private DeptService deptService;
@Override
public HomeCountResVO appCount1(HomeSelectVO homeSelectVO) {

74
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/taskinfo/TaskInfoServiceImpl.java

@ -5,6 +5,7 @@ import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
import cn.iocoder.yudao.framework.mybatis.core.query.LambdaQueryWrapperX;
import cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils;
import cn.iocoder.yudao.module.infra.api.job.JobApi;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.RoleNameAndSelectTypeVO;
import cn.iocoder.yudao.module.system.controller.admin.enterpriseinspections.vo.EnterpriseInspectionsPageReqVO;
import cn.iocoder.yudao.module.system.controller.admin.tasktag.vo.TaskTagPageReqVO;
import cn.iocoder.yudao.module.system.dal.dataobject.dept.DeptDO;
@ -18,6 +19,7 @@ import cn.iocoder.yudao.module.system.dal.mysql.enterpriseinspections.Enterprise
import cn.iocoder.yudao.module.system.dal.mysql.taglibrary.TagLibraryMapper;
import cn.iocoder.yudao.module.system.dal.mysql.tasktag.TaskTagMapper;
import cn.iocoder.yudao.module.system.dal.mysql.user.AdminUserMapper;
import cn.iocoder.yudao.module.system.service.auth.AdminAuthService;
import cn.iocoder.yudao.module.system.service.dept.DeptService;
import cn.iocoder.yudao.module.system.service.taglibrary.TagLibraryService;
import cn.iocoder.yudao.module.system.service.user.AdminUserService;
@ -63,17 +65,11 @@ public class TaskInfoServiceImpl implements TaskInfoService {
@Resource
private TaskTagMapper taskTagMapper;
@Resource
private JobApi jobApi;
@Resource
private EnterpriseMapper enterpriseMapper;
@Resource
private EnterpriseInspectionsMapper enterpriseInspectionsMapper;
@Resource
private TagLibraryMapper tagLibraryMapper;
@Resource
private AdminUserService adminUserService;
@Resource
private AdminUserMapper adminUserMapper;
private AdminAuthService authService;
@Resource
private DeptService deptService;
@Resource
@ -123,17 +119,6 @@ public class TaskInfoServiceImpl implements TaskInfoService {
enterpriseInspectionsMapper.insertBatch(list);
}
if(taskInfo.getId()>0){
// //添加定时任务
// JobSaveReqVO jobSaveReqVO = new JobSaveReqVO();
// try {
// jobApi.createJob(jobSaveReqVO);
// } catch (Throwable e) {
// throw new RuntimeException(e);
// }
}
// 返回
return taskInfo.getId();
}
@ -223,16 +208,6 @@ public class TaskInfoServiceImpl implements TaskInfoService {
@Override
public PageResult<TaskInfoDO> getTaskInfoAppPage(TaskInfoPageReqVO pageReqVO) {
// //按标签查询
// if (pageReqVO.getTagList() != null && pageReqVO.getTagList().size() > 0) {
// LambdaQueryWrapper<TaskTagDO> wrapper = new LambdaQueryWrapper<>();
// wrapper.in(TaskTagDO::getTagId, pageReqVO.getTagList());
// final List<TaskTagDO> taskTagDOS = taskTagMapper.selectList(wrapper);
// if (taskTagDOS != null && taskTagDOS.size() > 0) {
// pageReqVO.setTagList(taskTagDOS.stream().map(item->item.getTaskId()).collect(Collectors.toList()));
// }
// }
//按时间查询
if (pageReqVO.getSelectWeek() != null) {
LocalDateTime now = LocalDateTime.now();
@ -258,27 +233,15 @@ public class TaskInfoServiceImpl implements TaskInfoService {
pageReqVO.setStartTime(startTime);
}
//根据不同的角色查询
/*
管理员局长查全部
检查员查自己的
队长 查本部门
*/
Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
final AdminUserDO user1 = adminUserService.getUser(loginUserId);
if (user1.getPostIds().contains(1l) || user1.getPostIds().contains(2l)) {
//全部
} else if (user1.getPostIds().contains(4l)) {
//本部门
pageReqVO.setDeptId(user1.getDeptId());
} else if (user1.getPostIds().contains(5l)) {
//自己
pageReqVO.setUserId(loginUserId);
RoleNameAndSelectTypeVO typeVO = authService.roleTypeByUserId();
if ("self".equals(typeVO.getRoleName())) {
pageReqVO.setUserId(typeVO.getValue());
}
// final PageResult<TaskInfoDO> taskInfoDOPageResult = taskInfoMapper.selectAppPage(pageReqVO);
if ("queue".equals(typeVO.getRoleName())) {
pageReqVO.setDeptId(typeVO.getValue());
}
Page<TaskInfoDO> page = new Page<>(pageReqVO.getPageNo(), pageReqVO.getPageSize());
final IPage<TaskInfoDO> taskInfoDOIPage = taskInfoMapper.selectMyPage(page, pageReqVO);
@ -286,16 +249,6 @@ public class TaskInfoServiceImpl implements TaskInfoService {
if (taskInfoDOPageResult.getList() != null && taskInfoDOPageResult.getList().size() > 0) {
taskInfoDOPageResult.getList().forEach(item->{
// item.setTaskExecNum(0);
//
// List<EnterpriseInspectionsDO> enterpriseInspectionsDOList = enterpriseInspectionsMapper.selectList(wrapper);
// log.info("enterpriseInspectionsDOList:{}", enterpriseInspectionsDOList);
// if (enterpriseInspectionsDOList != null && enterpriseInspectionsDOList.size() > 0) {
// item.setTaskExecNum(enterpriseInspectionsDOList.size());
// final List<EnterpriseInspectionsDO> collect = enterpriseInspectionsDOList.stream().filter(res -> res.getStatus() == 5).collect(Collectors.toList());
// item.setTaskFinishNum(collect.size());
// }
//获取任务标签
final List<TagLibraryDO> tagLibraryDOS1 = tagLibraryService.listByTaskId(item.getId());
if (tagLibraryDOS1 != null && tagLibraryDOS1.size() > 0) {
@ -304,13 +257,6 @@ public class TaskInfoServiceImpl implements TaskInfoService {
});
}
// //筛选出 TaskExecNum 为0的
// if (taskInfoDOPageResult.getList() != null && taskInfoDOPageResult.getList().size() > 0) {
// final List<TaskInfoDO> collect = taskInfoDOPageResult.getList().stream().filter(res -> res.getTaskExecNum() > 0).collect(Collectors.toList());
// taskInfoDOPageResult.setList(collect);
// taskInfoDOPageResult.setTotal(Long.valueOf(collect.size()));
// }
return taskInfoDOPageResult;
}

6
yudao-server/src/main/resources/application-local.yaml

@ -46,7 +46,7 @@ spring:
primary: master
datasource:
master:
url: jdbc:mysql://192.168.2.5:3306/hb-yudao?useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true&rewriteBatchedStatements=true # MySQL Connector/J 8.X 连接的示例
url: jdbc:mysql://82.156.141.150:3306/hb-yudao?useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true&rewriteBatchedStatements=true # MySQL Connector/J 8.X 连接的示例
# url: jdbc:mysql://127.0.0.1:3306/ruoyi-vue-pro?useSSL=true&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&rewriteBatchedStatements=true # MySQL Connector/J 5.X 连接的示例
# url: jdbc:postgresql://127.0.0.1:5432/ruoyi-vue-pro # PostgreSQL 连接的示例
# url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例
@ -54,8 +54,8 @@ spring:
# url: jdbc:dm://127.0.0.1:5236?schema=RUOYI_VUE_PRO # DM 连接的示例
# url: jdbc:kingbase8://127.0.0.1:54321/test # 人大金仓 KingbaseES 连接的示例
# url: jdbc:postgresql://127.0.0.1:5432/postgres # OpenGauss 连接的示例
username: root
password: jingke@123
username: huanbao
password: DF64GBXeC4TkZcAP
# username: sa # SQL Server 连接的示例
# password: Yudao@2024 # SQL Server 连接的示例
# username: SYSDBA # DM 连接的示例

Loading…
Cancel
Save